The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Ubuntu

SHA1: information disclosure via Chosen-Prefix Collision
An attacker can trigger a Chosen-Prefix Collision on SHA1, in order to alter a signature, to obtain sensitive information...
Shambles, USN-4233-1, USN-4233-2, VIGILANCE-VUL-31290
Linux kernel: denial of service via cpu.cfs_quota_us
An attacker can trigger a fatal error via cpu.cfs_quota_us of the Linux kernel, in order to trigger a denial of service...
CERTFR-2020-AVI-005, CVE-2019-19922, DLA-2068-1, USN-4226-1, VIGILANCE-VUL-31232
Apache Tomcat: privilege escalation via FORM authentication session fixation
An attacker can bypass restrictions via FORM authentication session fixation of Apache Tomcat, in order to escalate his privileges...
CERTFR-2019-AVI-643, CVE-2019-17563, DLA-2077-1, DSA-4596-1, K24551552, openSUSE-SU-2020:0038-1, SUSE-SU-2020:0029-1, SUSE-SU-2020:0226-1, USN-4251-1, VIGILANCE-VUL-31188
Linux kernel: information disclosure via drivers/net/can/usb/peak_usb/pcan_usb_core.c
A local attacker can read a memory fragment via drivers/net/can/usb/peak_usb/pcan_usb_core.c of the Linux kernel, in order to obtain sensitive information...
CERTFR-2019-AVI-639, CERTFR-2019-AVI-652, CERTFR-2019-AVI-655, CERTFR-2020-AVI-005, CERTFR-2020-AVI-013, CERTFR-2020-AVI-029, CERTFR-2020-AVI-046, CVE-2019-19534, DLA-2068-1, openSUSE-SU-2019:2675-1, SUSE-SU-2019:3289-1, SUSE-SU-2019:3316-1, SUSE-SU-2019:3317-1, SUSE-SU-2019:3372-1, SUSE-SU-2019:3379-1, SUSE-SU-2019:3381-1, SUSE-SU-2019:3389-1, SUSE-SU-2020:0093-1, USN-4225-1, USN-4225-2, USN-4226-1, USN-4227-1, USN-4227-2, USN-4228-1, USN-4228-2, VIGILANCE-VUL-31053
Linux kernel: information disclosure via Powerpc Spectre-RSB
An attacker can bypass access restrictions to data via Powerpc Spectre-RSB of the Linux kernel, in order to obtain sensitive information...
CERTFR-2019-AVI-612, CERTFR-2019-AVI-639, CERTFR-2019-AVI-652, CERTFR-2020-AVI-005, CERTFR-2020-AVI-013, CERTFR-2020-AVI-029, CERTFR-2020-AVI-046, CERTFR-2020-AVI-051, CVE-2019-18660, FEDORA-2019-124a241044, FEDORA-2019-b86a7bdba0, openSUSE-SU-2019:2675-1, RHSA-2020:0174-01, SSA:2020-008-01, SUSE-SU-2019:3200-1, SUSE-SU-2019:3289-1, SUSE-SU-2019:3316-1, SUSE-SU-2019:3317-1, SUSE-SU-2019:3371-1, SUSE-SU-2019:3372-1, SUSE-SU-2019:3379-1, SUSE-SU-2019:3381-1, SUSE-SU-2020:0093-1, USN-4225-1, USN-4225-2, USN-4226-1, USN-4227-1, USN-4227-2, USN-4228-1, USN-4228-2, VIGILANCE-VUL-31018
SQLite: denial of service via TK_COLUMN sqlite3ExprCodeTarget
An attacker can trigger a fatal error via TK_COLUMN sqlite3ExprCodeTarget of SQLite, in order to trigger a denial of service...
CVE-2019-19242, SSB-439005, USN-4205-1, VIGILANCE-VUL-30981
SQLite: denial of service via Sub-Select DISTINCT Window
An attacker can trigger a fatal error via Sub-Select DISTINCT Window of SQLite, in order to trigger a denial of service...
CVE-2019-19244, SSB-439005, USN-4205-1, VIGILANCE-VUL-30980
Mozilla NSS: buffer overflow via NSC_EncryptUpdate
An attacker can trigger a buffer overflow via NSC_EncryptUpdate() of Mozilla NSS, in order to trigger a denial of service, and possibly to run code...
CVE-2019-11745, DLA-2008-1, DSA-4579-1, FEDORA-2019-3f6ab3b846, FEDORA-2019-8fbc65ef9e, MFSA-2019-36, MFSA-2019-37, MFSA-2019-38, openSUSE-SU-2020:0002-1, openSUSE-SU-2020:0003-1, openSUSE-SU-2020:0008-1, RHSA-2019:4114-01, RHSA-2019:4152-01, RHSA-2019:4190-01, RHSA-2020:0243-01, SSA:2019-337-01, SUSE-SU-2019:14260-1, SUSE-SU-2019:3337-1, SUSE-SU-2019:3339-1, SUSE-SU-2019:3347-1, SUSE-SU-2019:3395-1, USN-4203-1, USN-4203-2, USN-4216-1, USN-4241-1, VIGILANCE-VUL-30971
Ruby: code execution via Shell First Argument
An attacker can use a vulnerability via Shell First Argument of Ruby, in order to run code...
CVE-2019-16255, DLA-2007-1, DLA-2027-1, DSA-4586-1, DSA-4587-1, USN-4201-1, VIGILANCE-VUL-30970
Ruby: information disclosure via WEBrick HTTP Response Splitting
An attacker can bypass access restrictions to data via WEBrick HTTP Response Splitting of Ruby, in order to obtain sensitive information...
CVE-2019-16254, DLA-2007-1, DLA-2027-1, DSA-4586-1, DSA-4587-1, USN-4201-1, VIGILANCE-VUL-30969
Our database contains other pages. You can request a free trial to read them.

Display information about Ubuntu: